Organization
Here you can change your organization settings. Note: In the list below you can find just some information to introduce the feature. You can click on the headline of the feature to get to the detailed explanations.
- Organization Details
- Set your logo and name of your organization
- Application Key (used for API access)
- CustomizationID is shown (might be required for integration)
- Contact URL and Support URL used in the notifications
- Default Callback URL
- If you set a callback, every finished or changed envelope will cause a request on your defined URL. With this URL you can add your own service for e.g. performing an automatic archiving via eSAW API. If the URL is empty no callback is fired on finish or change of the envelope. More details about the callbacks are available in our API Reference - SOAP and below this enumeration as a separate chapter.
- Placeholder for envelope complete callback: ##EnvelopeId## and ##Action## (only envelopeFinished action available)
- Placeholder for envelope status change callback: ##EnvelopeID## and ##Action## (workstepFinished, workstepRejected, workstepDelegated, workstepOpened, sendSignNotification, evnelopeExipired, workstepDelegatedSenderActionRequired)
- Design of the document viewer for recipients
- Set a default redirect URL for finished documents
- Upload and download designs
- Information about the biometric encryption key
- Disposable Certificate
- Configuration of the LRA to use the disposable certificates. Settings for LRA credentials, certificate type and disclaimer usage.
- SwissCom OnDemand Certificate
- Configuration for the SwissCom OnDemand Certificate
- SwissCom OnDemand Certificate UI configuration
- BankId Authentication
- Set the authentication certificate
- Generic Signing Plugins
- Configure the signing plugin
- Policy for the document viewer for recipients
- Upload and download the default policy for the document viewer for recipients
- Retention Period
- Enable Retention Period of Organization Drafts and Envelopes. This will automatically delete envelopes after a certain time, when they reached a final state (expired, finished, canceld). Please note that templates are not affected by the retention period.
- Backup
- Download all finished envelopes. A backup-process will be started and you will be informed if the backup is ready for download.
- OAuth Settings
- Add provider for the OAuth authentication (See OAuth Guide)
- SAML Settings for Signer Authentication
- Due its complexity of the configuration, we highly recommend you to contact us about the SAML configuration.
- Add provider for the SAML signer authentication
Examples of Use Cases
- ADFS integration for eSAW backend users
- Signer authentication with external SAML service
- SAML Settings for User Authentication
- Add provider for the SAML user authentication
- Recipient Settings
- Set the recipient settings of your organization
- Default Signature Settings
- Default signature method (preselected)
- Imprint settings, such as font-type, font-size, date-format
- Biometric signature batch configuration (allow usage of biometric signature over different physical documents). Check with your legal consultant about its usage (default is disabled)
- Settings for draw to sign signatures
- Envelope Defaults
- default organization settings about reminders for signers
- Audit Log Settings
- Settings of the audit log (audit trail). It is not recommended to disable the audit-log, because it is an important evidence (see signature guide).
- Settings for separate logs per document
- Email Settings
- User Logout Redirect Url
- Envelope Details Page
- Signature PAdES (PDF Advanced Electronic Signature) Configuration
Organization Details
Before the version 20.42 you were able to configure the following settings in this section:
- Organization Name
- Organization Key (can since 20.42 be found in the section Api Token and Apps
- For more information about the mentioned section please see the documentation directly above.
- Customization Id
- Contact URL
- Support URL
Overview of the organization settings
Default Callback URL
In section “Default Callback URLs” you can define which URLs should be invoked as callback for envelopes sent via WebUI. When sending envelopes via API, the callback URL can be specified on envelope level via API.
Following callback URLs can be defined for envelopes sent via WebUI:
| Callback type | Status Change |
|---|
| Callback for completed envelope | Gets fired whenever an envelope gets finished (completed or rejected) |
| Callback for envelope status change | Gets fired whenever an envelope's status value changes
(workstepFinished, workstepRejected, workstepDelegated, workstepOpened, sendSignNotification, envelopeExpired, workstepDelegatedSenderActionRequired) |
In both URLs, you can use following placeholders:
| Placeholder | Value |
|---|
##EnvelopeId## | the envelope id; typically in GUID format |
| ##Action## | the action which triggered the callback; usually one of workstepFinished, workstepRejected, workstepDelegated, workstepOpened, sendSignNotification, envelopeExpired, workstepDelegatedSenderActionRequired. But consider in a callback handler implementation, that future versions may fire additional callbacks. |
For envelopes sent via WebUI, it is currently not supported to specify a workstep event callback handler URL.
Read the Integration Guide, section Api Reference - Introduction REST, for further information about integrating with callback handlers.
You can define an authentication for the callback. 
The next screenshot shows an overview where you can find the settings:
| Figure | Description |
|---|
| - Default callback URLs settings
- Add authentication
|
If you click on the button “add authentication” the following window appears:
| Figure | Description |
|---|
| - New callback authentication
|
In this section you can define:
- The name of the callback (default value: “New Callback Authentication”)
- The authentication (None or basic, default: none)
- The pattern (the URL should contain the given pattern)
- The pattern “*” matches anything
If you choose “basic” as authentication the following window appears:
| Figure | Description |
|---|
| - Select basic authentication
- Basic authentication settings
|
Within this section you can define:
- The domain
- The username
- The password
After filling in the dates for the authentication you can test if the URL matches any pattern of the authentications. If no pattern matches you get an information. The following screenshots show you a warning and a successful matching of the patterns.
| Warning | Matching pattern |
| |
If you have more than one authentication and you check the URL for the pattern and more than one authentication matches, always the first one of the list will be highlighted green.
After those settings you can send an envelope as usual. If you have authentication activated but the given dates are wrong you get an information.
In the next Screenshot you can see both scenarios (with a valid authentication and with a invalid authentication). If you click on the exclamation mark following text appears: “Response status code does not indicate success:401 (unauthorized)”.
Using the following two websites by your own risk. These two websites are not part of Namirial! |
If you want to try the callback URL without authentication you can try it with: https://webhook.site
If you want to try the callback URL with authentication you can try it with:postman echo
Design of the document viewer for recipients
In this section you can define the redirect URL for finished documents. Moreover you can upload the current design, reset the design to default, download the current design and download the design template. For more information about designing the viewer please also have a look at the Viewer Guide.
Disposable Certificate
In this section of your organization you can define a disposable certificate. For this setting you need following dates:
Moreover, you can decide if you want to use a lean disposable, if you want to get a disclaimer before certificate request and if you want to send disposable disclaimer document emails. The following screenshot shows you where to find those settings.
| Figure | Description |
|---|
| - Disposable certificate settings
|
For more details and information of how to use the disposable certificate please also see the Beginner Guide.
BankId Authentication
This feature is not available with basic subscription, so please contact your Namirial sales. |
You can find a sample configuration (REST and SOAP) on the following page: Beginner Guide
Generic Signing Plugin
This feature is not available with basic subscription, so please contact your Namirial sales. |
In your organization settings you can find the configuration for the generic signing plugin. Configure the plugin in this settings to use the signature in creating an envelope. Please see the next figure (sample of a plugin).
For more information about how to create an envelope with a generic signing plugin in the UI please also have a look at the Beginner Guide.
For information about how to send an envelope with a generic signing plugin in REST please see a sample configuration at the Beginner Guide.
Policy for the document viewer for recipients
In this section you can:
- upload a policy
- reset the policies to default
- download the current policy
- and download the policy template
Please see the following sample of the policy template.
<GeneralPolicies>
<AllowSaveDocument>1</AllowSaveDocument>
<AllowSaveAuditTrail>1</AllowSaveAuditTrail>
<AllowUndoLastAction>1</AllowUndoLastAction>
<AllowAdhocPdfAttachments>0</AllowAdhocPdfAttachments>
</GeneralPolicies>
You can find an overview of all policies on this page: Document-Policy
Retention Period
In this section you can define a retention period for the organization drafts and envelopes. Please note the following rules for the different types of documents (add the days you selected in this section to the following rules:
- Drafts will be removed X days after creation date
- completed/rejected and canceled envelopes will be removed X days after completed/rejected/canceled date
- expired envelopes will be removed X days after expiration date
- templates are not removed
When enabling retention period, please ensure to set up an appropriate process to keep copies of signed documents, audit trail evidence and other legally binding documentats related to the envelope elsewhere. Data retention configuration will permanently delete the envelopes, including signed envelopes, from the eSignAnyWhere Platform according to the rules described above. We recommend to store the documents and related evidence in a DMS. When API access is granted for your account, you can implement automatic storage in a DMS after an envelope was completed. Alternatively you could e.g. keep copies in any other storage or probably keep a copy in your mail inbox.
Backup
In this section you can download all finished envelopes you have signed or sent.
If you click on the “Finished Envelopes” button you can see that the backup is prepared.
While collecting all envelopes on the server for the backup (which may take up to several hours), following Text will be displayed:
Your backup is queued and will be started soon. You will receive an email once your backup is ready for download.
If you e.g. have been logged in in several browsers while requesting the backup, or request the backup at the same time as another user does, the text might not yet be visible while the backup process is already in progress. If you press the button to start a backup process, an error message informing that you "tried to schedule a backup operation while another one is already in progress" will be shown.
Once the backup was completed, you will receive an email to download the backup. The backup is then available for 48 hours to be downloaded.
Automatic Remote Signature Profiles
In this section the user manager of an organization can add automatic remote signature profiles, which can be used for any workflow as a recipient (recipient type “Automatic”). This recipient signs automatically the signatures and the workflow continues automatically. For more information please also have a look at the electronic signature guide.
Default Signature Settings
In this section you can set the default signature type for the envelopes. After you have set the configuration in this section the defined signature type will be preselected if you create a new envelope.
Envelope Defaults
You can set the following settings for the envelope defaults:
- Prevent editing of form fields after envelope is finished
- default send automatic reminders
- Set the reminders
- For detailed information about the reminders please have a look at the User Guide.
If you prevent editing form fields after the envelope is finished the form fields in the PDF are all read only.
Therefore, after locking the form fields (after the final workstep), the form fields are not editable any more with other PDF tools.
Please also see the next figures:
| Unlocked |
|---|
| |
Information on whether the form fields are locked or not can also be found in the audit trail. Please see the next figure:
Audit log Settings
Note: It is not recommended to disable the audit-log, because it is an important evidence (see signature guide). |
In this section you can define the following settings:
- Settings of the audit log (audit trail).
- Settings for separate logs per document
Signature PAdES Configuration 
Allows to set the signature configuration based on the different PAdES levels, for following types of signatures.
- HTML5 Signatures (Click2Sign, Type2Sign, Draw2Sign)
- Biometric Signatures, SMS-OTP Signatures
- Digital Remote Signatures, Disposable Certificate, Automatic Remote Signatures, P7M-Signature, SwissCom, A-Trust, LongLiveDisposable, PushTan, LocalCertificate
Description of the different PAdES baseline levels supported by eSignAnyWhere:
- PAdES level BASELINE-B without using an external timestamp server
- B-Level: Short-term electronic signature with signing certificate
- contains just the time information from local machine; without an external server time stamp
- PAdES level which require using an external timestamp server: BASELINE-T, BASELINE-LT and BASELINE-LTA
- T-Level: Includes B-Level and a time stamp
- Use the configured time stamp server on the signature itself
- Ensures that the document existed at a specific date and time, where time is granted by the external timestamp server
- LT-Level: Includes T-Level and a full set of certification and full set of revocation data
- Use the configured time stamp server on the signature itself
- Allows validation of the signature without access to the signing environment.
- LTA-Level: Includes LT-Level and a timestamp of a TSA (Time Stamping Authority)
- produces in addition to the signature field defined a time stamp signature on the document
| Figure | Description |
|---|
| - PAdES settings
|
Email Settings
- Set the email sender appearance configuration
User Logout Redirect Url
- Set a redirect Url for eSignAnyWhere users, when they logout (e.g. to an intranet page)
Default redirect url before sending a draft
This setting is available only when the feature flag "BeforeDraftSendRedirect" was granted to the organization. |
Configures a Redirect URL to which the envelope creator is redirecting instead of sending an envelope.
Instead of the page sequence
"Recipients Page" - "Designer Page" - "Summary Page"
, with a configured redirect url before sending, the sequence is following:
"Recipients Page" - "Designer Page" - "Summary Page" - (custom redirect page)
In this scenario, the custom redirect page may adopt the draft with the draft update API methods, and has to send the draft via API methods.
See Document Tagging Scenario - Example showing how to collect metadata for DMS archiving for an example on how to integrate a DMS tagging using that functionality.
Envelope Details Page
- Allows the sender to copy the viewer link from the envelope details page (if sender role grants required envelope permission)
- For more information please also see this page
Recipient settings
You can set the following settings for the recipient:
- default CC for all signers
- usage of envelope metadata
- allow recipients to access envelope again after it has been completed and closed
- delegation settings
- allowed authentication methods for signers
- force authentication
If you force an authentication and the user does not select any or a specific authentication method then the user will get the following notification:
